North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Bogon Filter - Please check for 77/8 78/8 79/8

  • From: Barry Greene (bgreene)
  • Date: Fri Dec 15 14:25:32 2006
  • Authentication-results: sj-dkim-1; [email protected]; dkim=pass (sig from cisco.com/sjdkim1002 verified; );
  • Dkim-signature: v=0.5; a=rsa-sha256; q=dns/txt; l=2584; t=1166210498; x=1167074498;c=relaxed/simple; s=sjdkim1002;h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version;d=cisco.com; [email protected];z=From:=20=22Barry=20Greene=20\(bgreene\)=22=20<[email protected]>|Subject:=20RE=3A=20Bogon=20Filter=20-=20Please=20check=20for=2077/8=2078/8=2079/8|Sender:=20;bh=NuA+XvonGeYnx8/a/EPk0HG42uKIbV9z6pRFdxwqs28=;b=fKoi9t8VsApr4pXJa/XfWD7Mb19W0Y6WrYZu59eB2KVYeBiB0Lz6T6BbQ6zyB34+CuRWLlBdvS6f1+sPQEjSqwy3lNeE2Xh719NwMxp5k0my9P9B+yf5qm7/oHiZQx9f;
-> We have this source:
http://www.iana.org/assignments/ipv4-address-space

-> We "source" URLs for each of the RIRs in the prefix filter templates:

	
ftp://ftp-eng.cisco.com/cons/isp/security/Ingress-Prefix-Filter-Template
s/
	
http://www.cymru.com/gillsr/documents/junos-isp-prefix-filter-loose.htm
	
http://www.cymru.com/gillsr/documents/junos-isp-prefix-filter-strict.htm

-> We have the Bogon Router Server:

	http://www.cymru.com/BGP/bogon-rs.html

-> We have the RIPE project to help with the migration:

	http://www.ris.ripe.net/debogon/
 
-> We have the RADB Filters:

	
http://www.radb.net/cgi-bin/radb/whois.cgi?obj=MAINT-BOGON-FILTERS

-> We have the RIPE DB Filters:

	
http://www.ripe.net/perl/whois?searchtext=MAINT-BOGON-FILTERS&form_type=
simple


-> And there is DNS and E-mail notifications ......


All of this is listed at http://www.cymru.com/Bogons/index.html


So what would be helpful are people who say "I've done everything (or
some of the things) off the Bogon Team page and think there is a better
way." The core problem right now are that too many organizations are
doing nothing to maintain policy once that policy choice has been
selected.






> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On 
> Behalf Of David Conrad
> Sent: Thursday, December 14, 2006 4:50 PM
> To: [email protected]
> Cc: [email protected]
> Subject: Re: Bogon Filter - Please check for 77/8 78/8 79/8
> 
> 
> Hi,
> 
> > or LDAP could be used ...
> 
> I was wondering when this would show up... :-)
> 
> > If IANA and the RIRs would step up to the plate and provide an 
> > authoritative data source identifying which address ranges 
> have been 
> > issued for use on the Internet then bogon lists would not 
> be needed at 
> > all.
> > ... IANA would be the authoritative source for stuff like RFC 1918 
> > address ranges and other non-RIR ranges.
> 
> IANA has a project along these lines at the earliest stage of 
> development (that is, we're trying to figure out if this is a 
> good idea and if so, the best way to implement it).  I'd be 
> interested in hearing opinions (either publicly or privately) 
> as to what IANA should do here.
> 
> > One wonders whether it might not be more effective in the 
> long run to 
> > sue ICANN/IANA rather than suing completewhois.com.
> 
> Sigh.  What is the IOS command to disable lawyers again?
> 
> Rgds,
> -drc
>